Motivated in part by how blithely some commenters in this thread seemed to accept the various pretexts used to eliminate any expectation of privacy from private electronic communications (“Of course the sexual life of senior government employees should be monitored because of the blackmail, giving the FBI that power has always worked out well! But she sent some unkind emails! They drove to work on a public road!”), I have a piece up about the drastic reforms that are obviously necessary:

The invasions of privacy in this case make the need for major changes in the law clear. First of all, the federal courts should make clear that there is the same Fourth Amendment right to privacy in electronic communication that there is in telephone calls. The government should have access to emails only after obtaining a warrant after the showing of probably cause. Cases like the investigation of Broadwell’s email—in which “evidence” of wrongdoing that would not be considered adequate cause if applied to snail mail was enough to obtain a warrant—should not go forward.

And much more needs to be done to protect the privacy of employees. A recent decision by the Supreme Court of Canada provides a valuable road map. “Canadians may therefore reasonably expect privacy in the information contained [workplace] computers, at least where personal use is permitted or reasonably expected,” wrote Justice Morris Day. This is the right approach. The Fourth Amendment should give government employees a presumptive expectation of privacy in their electronic communications, including those on workplace computers. And the privacy of private employees should have a similar expectation of privacy established by federal statute. The fact that emails and text messages are stored on third-party servers should not be used to immolate the privacy of individuals.

Comments (74)

First of all, the federal courts should make clear that there is the same Fourth Amendment right to privacy in electronic communication that there is in telephone calls.

Unless I’m mistaken, I believe the courts have in fact made clear the exact opposite of this.

Sidebar: I think the Fourth Amendment is worded really poorly. Not entirely the founders fault; they lived in a pre-industrial society. But the word “unreasonable” there is a giant weak point. All you have to do is create an environment in which its “reasonable” to expect no privacy whatsoever and you’ve gotten around it. It can be gutted the same way the Commerce Clause has been, although in this case it would be a bad rather than good thing.

I’ve seen people make not-insane arguments that we don’t even have a reasonable expectation of privacy in our own homes anymore, because technology that can see through walls in various ways has gotten relatively widespread and affordable.

“Reasonable” and “plausible” are not the same thing. I could make an equivalent argument that we don’t have a reasonable expectation of survival any more because the technology of killing people has advanced so much and been distributed so widely, but I wouldn’t expect anyone to draw any constitutional or policy conclusions (e.g., maybe murder isn’t such a big deal) from that.

But that argument is not the same outside of the Fourth Amendment context. There are a lot of moving parts to the Fourth Amendment, depending on what aspect the Justices focus on, they can evolve its meaning. Scalia sort of started this shift in focus from the Warrant Clause to this mushy reasonableness idea. Also, don’t forget the “search” aspect. No Fourth Amendment violation if it’s not technically a search-plenty of room for chicanery there.

The problem here goes well beyond emails. Privacy as a right has suffered a steady erosion over the last 35 years. Its decline began as an effort to further the drug wars, continued as various rightwing authoritarians (such as Bork) declared that tghe right doesn’t exist because it’s not enumerated in the Constitution, and was utterly demolished over the last 10 years in the war on terror.

Today we have arrived at a point where the privacy of emails is (or should be) the least of our concerns. ALL of our 4th Amendment protections have been removed, and the “right to privacy” no longer exists in any meaningful or even functional way.

Scott, it seems that the main point of my objections to your post were not clear, so let me rephrase them

1) your claims of overreach by the FBI are unsupported by the facts; by that I don’t mean that they are wrong, but only that “anonymous governemnt sources says the investigation that implicated a powerful government man is shaky” is not a good basis on which to debate anything

2) even assuming what you claim is true, still it does not imply that what the FBI did was illegal (whether it *should* be illegal is another matter): but you seem to concede this point in your post

3) The Obama administration (prosecuting the policies of the Bush’s one) is the culprit for that government overreach: if the head of CIA was the victim of government ignoring citizen’s privacy, he amply deserved it: see also point 2)

4) It remains the question: should be what the FBI did illegal? And the results are evidence for a “No” answer: the “victim” were: Petraeus (see point 3) and his hagiographer: that the latter had her reputation destroyed is a GOOD thing.
Of course, there are many other cases that point in the opposite direction, but this is not one of them.

Paula Broadwell’s AND Petraeus’ fall from grace are both well-deserved (his for violating the military’s code of ethics and opening himself up to blackmail charges, hers for being an incredibly shoddy journalist and scholar. Also, the expectation of privacy when sending anonymous harrassing emails is not high on my list of civil liberties concerns.)

Doesn’t change the fact that the affair should not have been discovered. What the FBI did — effectively letting a friend of the recipient of the emails decide how far to push the investigation — was extremely poor practice and completely rife for abuse.

imo, the FBI should have needed to get a warrant just to trace the emails. A judge, not Which-one-is-Fred, should have made that call, which doesn’t appear to be what happened. Then a second warrant (with a much stricter standard) should have been required to actually spy on the contents of Broadwell’s email. From my reading it’s not clear if this warrant was obtained or not — but I think the evidence is clear that it either wasn’t or shouldn’t have been granted. That’s where the abuse lies.

“imo, the FBI should have needed to get a warrant just to trace the emails. A judge, not Which-one-is-Fred, should have made that call, which doesn’t appear to be what happened.”

Under current law, that is clearly not required. The FBI can use administrative subpoenas, in effect subpoenas which it issues itself, and get the info to determine the identity of the person who sent the anonymous emails. Whether a judge’s consent should be required is a different question.

“Then a second warrant (with a much stricter standard) should have been required to actually spy on the contents of Broadwell’s email. From my reading it’s not clear if this warrant was obtained or not — but I think the evidence is clear that it either wasn’t or shouldn’t have been granted. That’s where the abuse lies”

According to the WSJ, a warrant was obtained to look at Broadwell’s emails. Eventually we’ll find out whether this happened or not and, if so, what was put in the affidavit in support of issuance of the warrant.

Thanks. I didn’t read the WSJ piece so I didn’t know they had reported that a warrant to open Broadwell’s email had been issued.

I should also be clear that the first part was an opinion on what the law *should* be. For the FBI, even to trace a harrassing email *should* require a judge’s consent imo (because Kelley’s friend was obviously not an unbiassed party), but I’m aware that under current law this is not required and therefore nothing illegal happened at that stage.

Your 3rd point is similar to the argument I’ve been making on various blogs. I think the argument that Petraeus needs some sort of protection from the state is facile, because as CIA director he is the state or at least a strong part of it.

I just find it hard to accept the argument that the head of the CIA is entitled to any privacy rights in his electronic communications. I have no problem establishing a privacy right for an employee’s electronic communications that aren’t work related but not for the head of the CIA.

And in general, Manta is right. It appears that everything the FBI did was legal under current law. Moreover, if the WSJ is to be believed, they got a warrant to examine Broadwell’s emails so some judge had to agree that there was probable cause that a crime was committed, not just salacious curiosity by some FBI underling.

This is just a very bad set of facts to support an argument that privacy rights should be extended.

I agree. In this case, I don’t think there were any communications between Broadwell and Petraeus that were not work related even if they included details of sexual relationships. I just dont see any good argument that says the government can’t look at the emails between the head of the CIA and his biographer.

According to the WSJ, they got Broadwell’s identity and then applied to district court for a search warrant. And they didnt get an administrative subpoena or FISA warrant In order to get a district court warrant directed at a third pary, even for emails, my understanding is that you have to show probable cause. Scott, I haven’t practiced criminal law for many, many years so I’m no expert on this (and you may have much more knowledge than me) but can you cite me to a case or article holding that district court search warrants for electronic mail don’t need probable cause of a crime being committed? And what the standard is?

And just to make clear, the FBI seems to have used administrative subpoenas or maybe just requests to IP servers to obtain the info that led them to the conclusion that Broadwell was the anonymous person sending the emails. But that information did not include the content of the emails. My understanding is that they were only able to see the content of her emails after they got the district court warrant and that, in order to see the content of emails, you need to convince a federal court that there is probable cause a crime has been committed.

The facts we currently know suggest there was a massive overreach. It is theoretically possible that the FBI, suddenly discovering a scrupulous interest in privacy, isn’t leaking emails that would justify the search. But I sure know how I’m betting.

even assuming what you claim is true, still it does not imply that what the FBI did was illegal

Well, I believe is is quite clearly illegal under the Fourth Amendment. Whether the courts will see it that way is a different issue.

The Obama administration (prosecuting the policies of the Bush’s one) is the culprit for that government overreach: if the head of CIA was the victim of government ignoring citizen’s privacy, he amply deserved it: see also point 2

Your point being?

that the latter had her reputation destroyed is a GOOD thing.

Fascinating. So if someone write a less-than-hard-hitting book, then we’re justified searching through their private communications on the basis of nothing? I’m not following you down the authoritarian road, thanks, and not only do I reject the means I reject the ends.

My understanding is that they got a complaint of anonymous threats being made over the internet. They looked through the emails of the complainant (with her permission of course) and determined (1) that the threats, while a little creepy, did not violate any law but (2) there was evidence of unauthorized access and dissemination of confidential information which was arguably against the law. They determined the identity of the person making the threats and then got a search warrant allowing them to look through all her electronic communications. If that is what happened, I simply don’t see how that was overreaching or illegal.

Of course, all the facts are based on newspapaper articles and anonymous sources so its possible that something else occurred

Fun fact: people get anonymous threats over the internet all the time. Very very few of them get the FBI interested. The abuse of LEO power is another fun part of the ongoing shitshow that our elites have been putting on for us.

But here it was anonymous threats coupled with knowledge of the comings and goings of high ranking officials in the CIA or Army. I just dont have a problem with the FBI under these facts finding out the identity of the person sending the emails and then getting a warrant (if that is indeed what happened). I would have a real problem if they examined Broadwell’s emails without a warrant.

I’m no police state apologist, but I’m just not seeing how the director of the CIA has the right to privacy in this contexts, especially if he sent these emails at his office. I’m talking specifically about senior government officials, not any government employee. The director of the CIA, in a sense, shouldn’t expect privacy from the state because,
in a sense,’he is The State, a very shadowy embodiment of it.

I don’t know how to resolve that one. But both parties here were sophisticated-General and then CIA director, Broadwell a former military officer. She knew who he was and where he worked. If Petraeus has no expectation of privacy I feel like that rubs off on her if she knows who he is and communicates with him while he’s at work or on official trips and whatnot.

The Fourth Amendment should give government employees a presumptive expectation of privacy in their electronic communications, including those on workplace computers.

No, it shouldn’t. The potential for harm from abuse of electronic communications so dramatically exceeds the potential harm from abuse of written, verbal or telephone communications that different standards must apply. This is analogous to the 2nd amendment not protecting your right to own nuclear weapons (or, in my opinion, machine guns).

I can’t mail my friend every social security number of every American in an unabtrusive envelope. I can’t call up a buddy and describe the complete plans of a stealth bomber in a 15 minute phone call. I can do that with email.

The government not only has a right to monitor electronic communications of its employees, but a duty to do so. The government has enormous amounts of information about the US citizenry kept in trust. The privacy rights of 300 million Americans who are required by law to submit information to the government trump the privacy rights of individual employees who are not required by law to use electronic communications for their private correspondence.

I dont get how you can have a presumption of privacy and then monitor the emails. If you have a presumption of privacy, monitoring is not going to be allowed unless you meet whatever the threshold is for rebutting the presumption of privacy.

You can’t have a presumption of privacy. It would be deceptive to tell employees that they have a presumption of privacy except for circumstances which warrant monitoring when all circumstances warrant monitoring. In almost all government jobs which involve information handling, monitoring of employee email will be warranted.

Verbally? No. But there are ways to transmit that data over a person-to-person phone connection in fifteen minutes or less that don’t involve email in any way.

Phones in secure areas have low-pass filters which eliminate the possibility of high freqeuncy data transmission. Many phone lines won’t even work with a 14.4 KBaud modem.

Lines can also be monitored for higher frequencies without monitoring the verbal content of a call. You can catch someone stealing data over the phone without violating privacy rights of people making ordinary calls.

This is an absolutely insane point of view, but one well suited to a vicious sort of authoritarianism. Also:

I can’t mail my friend every social security number of every American in an unabtrusive envelope. I can’t call up a buddy and describe the complete plans of a stealth bomber in a 15 minute phone call. I can do that with email.

That is a bizarre mix of patently false and oddly misleading. Writeable DVDs can carry ~4 Gigabytes of data. I have a 32 Gig flash drive sitting on my desk right now, which is smaller than the finger I’m extending toward the quoted argument. Rough estimate: 1 Gig = 500,000 pages of text. Figure maybe 250 names + SSNs per page (probably far more with compression), that gets you about 50M Name/SSN pairs per DVD. So, 6 DVDs gets you done (if you were super-sneaky, you could fake up some Netflix envelopes), or one 32GB flash drive, or hell, just buy a SSD and mail it in a padded envelope. How many completely innocuous packages far larger than that get sent through the mail all the time?

Never mind that someone serious about the kind of stuff you’re talking about won’t use a fucking GMAIL account; you’d set up an one-time SSH-only FTP drop somewhere unaccountable, with the underlying data also encrypted, maybe a couple times.

I’m going to back away from the “insane” part of my comment, there, because on a couple rereadings, Njorl is clearly speaking only of government employees, and in certain cases (not all), it may be reasonable for them to have reduced expectations of privacy. The rest of the comment stands.

A DVD or a thumbdrive is not an unobtrusive envelope. Any attempt to mail such things from where I work would be intercepted and examined.

How about a 32 GB micro-SD card? They’re the size of a fingernail and almost as thick. You could easily include a number of them in a single envelope and unless you were specifically screening for them you’d never notice. Even if you were screening there’s a good chance that an envelope with one in it would just fly by.

I can’t imagine being a security screener at an actual high-security facility these days. You could quite easily walk out the door with gigs of data secreted in your sock or in a fold in your wallet.

They have the right to search everyone who leaves the building. They have the right to examine and decrypt any electronic media they find.

Someone who is willing to carry physical evidence of their crime on their person is taking a greater risk than someone who transfers data electronically. People who are not professional criminals are more easily deterred from taking such risks.

Something I don’t see addressed much is that getting even the lowest level security clearance entails explicitly signing away a lot of privacy, and an illicit affair is precisely the sort of thing that evaluators frown upon along with general emotional and financial instability. There is no need to appeal to some hazy notion of P having no right to privacy from the state he a part of — getting your dirty laundry aired (not publicly, though) is a formal part of the deal. In principle this has little to do with morality (however defined) within the law; they’re not supposed to care if you have swinger parties in your BSDM dungeon just so long as you tell them about it.

This. I’ve had a (low-level) security clearance. You’re agreeing to a loss of privacy in certain ways and contexts when you sign up. I think that way too many jobs require a security clearance – they are really invasive and we classify a lot of random stuff – but I would assume that “CIA director” requires a top-grade one that involves a horribly invasive investigation among other things. And a requirement that you report any potential breaches or compromises to your facility security officer.

In general, yes, I would support greater privacy rights for electronic communications.

Not sure why you think that the ability of the FBI to get a warrant represents an inadequacy of Fourth Amendment legal principles, as opposed to the usual situation of law enforcement finding a judge who doesn’t have a particularly high bar for “probable cause.”

The “third party” aspect interests me here. As I recall from when I worked at the USPS, investigators could not have access to mail in a PO box without a warrant, neither could they stop a carrier on the street and ask to see a piece of mail, or even ask a letter carrier to confirm the address of somebody. If they asked, we were instructed to ask for a warrant. This isn’t exactly analagous to accessing yahoo or gmail servers for stored email, but it seems close enough that it should carry some precedential weight.

[…] like they’re castrating you or something! •Thoughts on the fact the FBI can just spy on anyone, regardless of warrant or probable cause. The possibility someone who was hot for one of the women […]